Q

Locking out an IP-Address after X login attempts

Is there anyway to lock an IP-address when the SSL login has been wrongly entered a specific number of times?

No, there's no way built into IIS. There are a couple of alternatives that may meet your needs though.

The simplest is to have Web users authenticate to NT4 or Windows 2000 user accounts and enable password lockouts. After x number of unsuccessful authentication attempts, the password will be locked out. However, this solution doesn't block a user's IP address so it doesn't completely meet your needs.

It's also possible to create an ISAPI filter that intercepts incoming HTTP requests and counts the number of times requests from a given IP address include authentication information. If a specific address is attempting a brute-force attack, this ISAPI filter could manipulate the IIS metabase and institute Source-IP Filtering for that address. This meets your needs but you'll have to do some coding.

This was first published in March 2001

Dig deeper on Windows Operating System Management

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close